Risk & Regulatory Management

Risk Management

Our Board is committed to high standards of risk and regulatory management. We operate a ‘three lines of defence’ model ensuring that we are able to monitor and proactively manage risk; allowing us to respond swiftly to any identified issues

1st line – provided by the business functions, which have primary responsibility for implementing key controls for identifying and managing regulatory risks, ensuring on-going compliance, and monitoring their effectiveness.

2nd line – provided by our compliance function who are responsible for monitoring, reporting and providing advice to our business functions.

3rd line – provided by our internal and external audit teams and offers independent assurance that the processes and controls in lines 1 and 2 are appropriate and operating effectively.

The Risk team operate within a defined Risk Management Framework, approved by the Board, and are responsible for developing risk awareness, managing and reporting on risks and providing guidance on appropriate risk management strategies.

The risk governance structure includes a monthly Management Risk Committee which provides the day to day governance of risk.

Appropriate records of risk management activities are retained in the form of Management Risk Committee minutes,supporting documentation and include data recorded on Target’s Risk Management system.

Compliance Management

Our Compliance function is divided into three key areas:

The Advisory Team provides advice & guidance to the business via service desk requests and project support to ensure all staff are conducting business in a way that is compliant and that ensures fair outcomes for consumers. The team review and approve operational policy & procedure, letter suites, training material and system changes/testing to ensure regulatory compliance.

The Regulatory Development Team continually monitors developments within the industry and produce compliance bulletins and regulatory alerts to assess impact to clients and address any regulatory/industry change.

The Risk & Compliance monitoring plan is set on an annual basis with a degree of flexibility built in to accommodate any emerging issues.

We utilise a number of monitoring techniques in our approach to compliance monitoring, including regular monitoring, thematic reviews and ad hoc monitoring checks.

Internal Audit follows a risk based annual audit programme approved by the Board. This ensures appropriate coverage of operational and support areas including a focus on information security and regulatory adherence. Internal Audit management of the closure of audit findings and significant matters are escalated to the Risk & Audit committee as appropriate.

Authorisations & Accreditations

Our servicing division is authorised and regulated by the Financial Conduct Authority, number 454569 and we have the following authorisations:

Administering and arranging a regulated mortgage contract – customer

Administering and arranging a home reversion plan – customer

Arranging deals in investments – Professional/Retail

Permission on the FCA Register

We also hold the ISAE3402 (SAS70) accreditation.

Download our Monthly Risk and Compliance Bulletins

We publish a useful Bulletin each month to outline key developments in risk and compliance across financial services